"auxprop".
* Modify the package so that the smtpd.conf file is initially stored
with the other example files and copied over to its true location
via CONF_FILES. This allows modifying the postfix installation to
use some other SASL authenticaion method, e.g. PLAIN with saslauthd
through TLS.
* Only allow using one SASL library or the other, and prefer SASL2 to
SASL1.
- After "postfix reload", the master daemon now warns when the
inet_interfaces parameter setting has changed, and ignores the
change, instead of passing incorrect information to the smtp
server.
- After the postdrop command change with Postfix 2.0.11, the postcat
command no longer recognized "maildrop" queue files as valid.
- Mail could bounce when two messages were delivered simultaneously
to a non-existent mailbox file. The safe_open() code that prevents
race condition exploits will now try a little harder when it
actually encounters a race condition.
- Updated the IPv6 patch.
- Stricter smtpd input checks rejected invalid addresses starting with @.
- Stricter postdrop input checks broke "sendmail -bs".
- New "postcat -q" (search the queue for the named file) support
from snapshot release because I can no longer see people suffer.
- Allow <@site,@site:address> route addresses in SMTP commands.
This address form was deprecated years ago.
- "sendmail -q<time>" without -bd option now exits immediately,
instead of waiting for input and screwing up system boot sequences.
- The Postfix LMTP client used the wrong service name, causing
trouble with SASL 2.1.13.
- Turned off non-blocking write to pipe because too many systems
gave an unexpected write() result, causing partial delivery of
messages to commands like procmail.
- Ugly but harmless warnings from nqmgr after "postsuper -r" to
requeue files that already had some recipients delivered.
- The proxy_read_maps parameter did not recognize "," as separator.
- The local delibery agent now defers delivery after .forward etc.
file read error.
- The message_size_limit was applied when running "newaliases",
so that the result alias database could be truncated on systems
with very small message size limits.
The official release changes for bugfixes and portability issues only.
as samples, either by the user or by bsd.pkg.install.mk.
- Correctly handle configuration files, that is, avoid touching the conf
directory directly.
- Use OWN_DIRS to handle the spool directory.
- Run post-install through an INSTALL script.
- Sort PLIST after all these changes.
- Bump PKGREVISION to 1.
- The SMTP client did not deliver a partial last line when someone
submitted 8BITMIME mail not ending in newline via /usr/sbin/sendmail
while MIME input processing was turned off, and MIME 8bit->7bit
conversion was requested upon delivery.
- Postfix processes now abort when given a net/mask pattern with
a non-zero host portion (for example, 168.100.189.2/28), instead
of risking to become an open mail relay.
- Workaround for file system clock drift that caused Postfix to
ignore new mail (this could happen with queue file systems mounted
from a server).
Makefiles simply need to use this value often, for better or for
worse.
(2) Create a new variable FIX_RPATH that lists variables that should
be cleansed of -R or -rpath values if ${_USE_RPATH} is "no". By
default, FIX_RPATH contains LIBS, X11_LDFLAGS, and LDFLAGS, and
additional variables may be appended from package Makefiles.
Postfix 2.0 patchlevel 6 intends to protect vulnerable Sendmail
systems against exploitation of a remote buffer overflow problem
that is described in CERT advisory CA-2003-07.
- Postfix now truncates non-address information in message address
headers (comments, etc.) to 250 characters per address. This should
rarely present a problem. Reportedly, junk mail from poorly written
software can trigger the protection, but that is no great loss.
- Some little fixes to documentation.
- The SMTP server's hard and soft error limits were off by one.
With "smtpd_hard_error_limit = 1", Postfix will now disconnect
after the first error, instead of the second one.
- The proxymap server could deadlock when the mydestination parameter
setting included a proxymapped lookup table.
- Some little fixes to documentation.
- The format of maildir filenames is synchronized with the present
version of the maildir definition document. This format was already
adopted by the 20030126 snapshot release.
- The time limit on delivery to external commands was not enforced.
This was broken probably some time before the first public Postfix release.
- Duplicate elimination after virtual alias expansion works again.
This was broken with the introduction of the original recipient attribute.
- The local pickup daemon dropped incomplete records from local
submissions. This was broken somewhere in the middle of 2002.
configuration.
+ Document how to use /etc/rc.conf.d/postfix on NetBSD 1.5 and newer
to start /usr/pkg/sbin/postfix instead of /usr/sbin/postfix
+ Ensure that the postfix user and the postfix & maildrop groups exist.
Adds Darwin support, and prevents a working NetBSD postfix setup from being
broken on a "make install" of this package because the package used to
change /etc/postfix/{post-install,postfix-files,postfix-script}.
These changes are mostly from Amitai Schlair <schmonz@netbsd.org>,
with some tweaks by me. (Thanks Amitai!)
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES". This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile. Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
- Postfix 2.0 broke relocated table lookup results with mail not
rejected at the SMTP port, causing "User has moved to" text to be deleted.
- A widely used maildir filename generating algorithm was broken.
This affects all Postfix versions with maildir support. Instead of
TIME.PID_COUNT.HOST Postfix now uses TIME.DEVICE_INODE.HOST.
- Postfix 2.0 gave incorrect FILTER_README instructions for sites
that wish to disable virtual alias mapping before the content filter.
- Added MAILER-DAEMON to the list of always recognized local
addresses, since it is generated by Postfix bounces.
- Bugfix: transport_errno was not reset upon successful
transport map wildcard lookup after an earlier failure.
- Cleanup: unnecessary warnings from the proxymap client
after proxymap server disconnect.
- Cleanup: Patrik Rak found a few more chattr invocations
that were missed 20021209. Files: postfix-install,
conf/post-install.
- Cleanup: the pcre-config command can produce null outputs.
- Bugfix: the virtual(8) Makefile included $(AUXLIBS) in the
dependencies.
- Bugfix: fixed in the snapshots 20030105 but missed in the
stable release. "sendmail -bs" tried to access the proxymap
service. It should not try to open any user/domain/uce
related tables at all.
even though it seems to work now.
Why commented-out? This patch also includes a TLS patch and I don't know
if it's better/more stable/whatever compared to the existing TLS patch.
What I'd like to have is a separate patch for IPv6 and TLS. According to
the author this is available in the near future.
IMPORTANT: read the documents in /usr/pkg/share/doc/postfix/ before
upgrading from Postfix 1.1.
Hightlights:
- MIME support (including 8bit->7bit conversion and more
accurate matching of MIME headers in message bodies)
- completely rewritten RBL client code
- smarter handling of DNS lookup errors in UCE restrictions
- virtual delivery agent without transport map for every domain
- a long list of other things that are meant to improve performance
or functionality without compromising what already existed.
- The garbage in "user@garbage"@domain address forms may cause the
SMTP or LMTP client to terminate with a fatal error exit because
garbage/tcp is not an existing service. This cannot be abused
to cause the SMTP or LMTP client to send data into unauthorized
ports.
